So how do you …

… convince your cluster users not to run as root user?

Yet another story for beer-time.

Any advice out there on how to explain how bad (really really bad) of an idea this is? I have tried, but they seem to not make the connection between this and spurious failures of jobs. Testing the system as a normal user shows it runs fine.

There is a joke this reminds me of.

Patient: “Doctor, it hurts when I do this.”

Doctor: “So don’t do it!”

Viewed 7377 times by 1536 viewers

3 thoughts on “So how do you …

  1. So. I have my some of my customers not running as root now. But since they set up a lot of scripts in one particular user’s account they all insist on logging in as that user in order to run anything – is that better or worse? 🙂

  2. Never give them root access in the first place. If they have root in the development environment and they can’t get their jobs or code to run as a regular user then that represents a bug not a permissions problem. Also set up job ID users that people can switch to for debug purposes via something like sudo but never give that user root access either. Make it easier to move people into and out of projects. Also prevents people from making conflicting changes to the shell or batch environment.

  3. @Stephen

    If security is not an issue, and they don’t mind trampling all over each others accounts … ok it is a bad thing.

    @Dan

    Well … its their cluster, we are just helping them to solve a problem or two.

    I agree on the bug portion. And the debug vs other things.

    I like the concept of giving limited Sudo rights. Managing this is a bear though.

    But, again, it is their cluster. I am just trying to stop them from causing self-inflicted cluster wounds, by, in large part, trying to educate them as to why this is a “Bad Thing”(TM)

Comments are closed.